If this is your first visit, be sure to
check out the Forum Rules by clicking the
link above. You may have to register
before you can post: click the register link above to proceed. To start viewing messages,
select the forum that you want to visit from the selection below.

4:42 PM 4/25/2008:
"" I tried it with "Use simple file sharing" (recommended) checked...and the exploit WOULD NOT WORK. ""

sadly (sometimes !?!?!?) this is checked by default so I will look into some other things ...
you also want to check out the fastrack mass client side has GDI and QT exploits all in one etc ! ( this is part of the fast-track.py you must update it to current )

Firefox be design will not load a 'local share' this including \\SMB\image.jpg shares
( if anybody has a non javascript workaround please let me know FLASH also has the same security or just gets passed to firefox and then borks )

""Great job, but I got the well-known error message, which starts so:
"FAILED! The remote host has only provided us with Guest privileges...."""

read the error before that error the guest error just means the auth failed

Originally Posted by www

5. On a Windows XP Pro computer, make sure that remote logons are not being coerced to the GUEST account (aka "ForceGuest", which is enabled by default computers that are not attached to a domain). To do this, open the Local Security Policy editor (e.g. by typing 'secpol.msc' into the Run box, without quotes). Expand the "Local Policies" node and select "Security Options". Now scroll down to the setting titled "Network access: Sharing and security model for local accounts". If this is set to "Guest only", change it to "Classic" and restart your computer.

Can you clarify how this will affect a corporate network?
total ownage if they have admin rights ( why ? because nobody has a blank password in a corp LAN )

Will all clients be routed through my client by default or can you limit it to those that type in your IP address in the web browser?
you need to read how MIM works and also read up on ettercap how it works etc
simply just make a target list insted of // // use the target IP /victomloser_CEO/ //